search

lavabit / robox

The tools needed to robotically create/configure/provision a large number of operating systems, for a variety of hypervisors, using packer.
637 stars 141 forks source link

generic/ubuntu1804 disables IPv6 #79

Open mgedmin opened 5 years ago

mgedmin commented 5 years ago

I had a fun fifteen minutes trying to figure out why sudo apt install redis-server fails in a generic/ubuntu1804 VM. Turns out it wants to listen on ::1, but you ship a /etc/sysctl.conf that has

net.ipv6.conf.all.disable_ipv6 = 1

The comments in your build scripts imply that you intended to disable IPv6 only temporarily, during the build process, or am I confused?

ladar commented 5 years ago

Yes, the Debian/Ubuntu installers, (and possibly older apt versions) wouldn't work if the IPv6 stack is enabled. The only builds which require IPv6 to remain disabled after setup are the Lineage/Magma variants, which is why I haven't added a blanket removal to the cleanup.sh module.

I think the reason it's tricky is because the network.sh module makes the change, immediately before rebooting, otherwise I wouldn't need to persist the setting for every variant.

If enough people think it should be enabled by default, we could add something to the cleanup.sh modules which removes it for the generic builds.

skyscooby commented 5 years ago

The boxes should be left in a state that is as close to the OS release as 'generically' possible.. If packages from the OS stream are failing to install that doesn't give people much confidence in using it as a generic base... IMO anyway.

ladar commented 5 years ago

Once I get the new servers setup, it will be easier to enable IPv6 and then quickly test what it breaks.

The problem was that enabling it broke the install process for some of the distro/provider combinations. As I recall Debian/Ubuntu on Hyper-V was the most problematic. Since configs tend to get carried forward without change, I haven't tested whether the newer releases fix the installer issues.

mikedep333 commented 5 years ago

Can't we just use /etc/gai.conf instead to prefer IPv4 over IPv6?

http://terokarvinen.com/2016/prefer-ipv4-on-ubuntu-16-04-lts-xenial-etcgai-conf-precedence-ffff0096-100

canozyurt commented 2 years ago

I want to let you know this caused a lot confusion for me yesterday. This issue is still relevant. Having IPv6 disabled while thinking you have just started a fresh test environment got me off-guard. The fact that VMs still get IPv6 addresses and they don't work is easy to overlook and not intuitive.